Friday, March 15, 2019

HTTPS doesn't mean it isn't malicious...

https means "secure site".. unfortunately however, now that big web companies like Google, Facebook, Microsoft, etc.. have stated that all sites need to be secure (they don't), this is really only to benefit their ad-buying power.  Since any website can be secure (note my own are not and since I have no 3rd party influencers/advertising), all it means is that the website is registered to be 'safe' from third party influencers.  This doesn't mean a website can't still be malicious. In fact this secure website feature is nothing more than a money grab by Google and others so that they can have a better way of filtering legitimate ads and for ad blocking extensions to have more control. In fact my own websites which do not have any forms or secure credit card processing directly on the site means there is no need for me to pay for https so I don't.  The problem is web browsers like Chrome now show "not safe" or some other scary words to make it seem like you should not be looking at that website.  The data on my site has been safe for over 18 years so what has changed now? Nothing.. Yet here you are clicking on something from within your secure facebook page where you have to sign in using a username and password and now you have landed on a malicious website... 

If you happened to click on a link (quite often from within your Facebook feed) With what happened in this example.. Facebook sells advertising so a malicious website like the one you landed on will create the website that you landed on, selling a service which is to say they will fix your computer from viruses, etc. The fact that the website is actually a honeypot/landing site to lure people in doesn't matter to facebook, because the company is paying facebook to place the specific ad on facebook. 

What you can do is now go back to facebook and directly above the ad/feed you clicked on is to mark it as a bad site. Facebook is then going to check it out and hopefully remove it.. the problem is, people don't do this, typically because when they go back to their facebook feed, that doesn't show up again..

What you need to do is look at the link you are going to (by hovering your mouse over the link but NOT CLICKING, you will see the web address url: in the lower left corner of your screen within the chrome browser window) and even though it says https:   it is what comes after that.. so if you are on facebook and you are going to click on something, it should say https://facebook.com/whatever the url might be..  it is the first part which is the domain name (facebook.com) that you want to be sure of.

There are URL shorteners out there which will provide a link url that may actually be something like my website contact page (http://tpsconsulting.com/contact.html) for example, but if I were to use a shortener it becomes http://bit.ly/1xYf1BI
As you can see, that shortened url doesn't give you the domain name other than bit.ly  so you should NOT be clicking on it. The shortener is there to help shorten some very long website url's in the case of posting a link within an article for example, but the malicious websites will also use them to hide the landing location.